[LON-CAPA-cvs] cvs: loncom / loncapa_apache.conf /homework daxeopen.pm

damieng damieng at source.lon-capa.org
Fri Feb 24 12:35:02 EST 2017 

damieng		Fri Feb 24 17:35:02 2017 EDT

  Modified files:              
    /loncom/homework	daxeopen.pm 
    /loncom	loncapa_apache.conf 
  Log:
  improved Daxe chooser dialog navigation, adding /priv/, /priv/domain/, size and date modified for /res files
  
Index: loncom/homework/daxeopen.pm
diff -u loncom/homework/daxeopen.pm:1.5 loncom/homework/daxeopen.pm:1.6
--- loncom/homework/daxeopen.pm:1.5	Thu Feb 23 21:32:08 2017
+++ loncom/homework/daxeopen.pm	Fri Feb 24 17:34:55 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Opening converted problems and directory listings for Daxe
 #
-# $Id: daxeopen.pm,v 1.5 2017/02/23 21:32:08 damieng Exp $
+# $Id: daxeopen.pm,v 1.6 2017/02/24 17:34:55 damieng Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -50,7 +50,7 @@
     &Apache::loncommon::no_cache($request);
     if ($uri =~ /\/$/) {
         return directory_listing($uri, $request);
-    } elsif ($uri =~ /\.(task|problem|exam|quiz|assess|survey|library|xml|html|htm|xhtml|xhtm)$/) {
+    } elsif ($uri =~ /^\/priv\/.*\.(task|problem|exam|quiz|assess|survey|library|xml|html|htm|xhtml|xhtm)$/) {
         return convert_problem($uri, $request);
     } else {
         # Apache should send other files directly
@@ -62,6 +62,16 @@
 sub convert_problem {
     my ($uri, $request) = @_;
     
+    if ($uri =~ /^\/priv\/([^\/]+)\/([^\/]+)\//) {
+        my ($domain, $user) = ($1, $2);
+        my ($uname, $udom) = ($env{'user.name'}, $env{'user.domain'});
+        if (!defined $uname || !defined $udom || $domain ne $udom || $user ne $uname) {
+            $request->content_type('text/plain');
+            $request->print("Forbidden URI: $uri");
+            $request->status(403);
+            return OK;
+        }
+    }
     my $file = &Apache::lonnet::filelocation('', $uri);
     &Apache::lonnet::repcopy($file);
     if (! -e $file) {
@@ -96,17 +106,26 @@
     if ($uri eq '/') {
         # root: let users browse /res
         $res .= "<directory name=\"/\">\n";
+        $res .= "<directory name=\"priv\"/>\n";
         $res .= "<directory name=\"res\"/>\n";
     } elsif ($uri !~ /^\/(priv|res)\//) {
+        $request->content_type('text/plain');
+        $request->print("Not found: $uri");
         $request->status(404);
         return OK;
     } elsif ($uri =~ /^\/res\//) {
+        # NOTE: dirlist does not return an error for /res/idontexist/
 	(my $listref, $listerror) = &Apache::lonnet::dirlist($uri);
 	if ($listerror) {
             $request->content_type('text/plain');
             $request->print("listing error: $listerror");
             $request->status(406);
             return OK;
+	} elsif ($uri =~ /^\/res\/[^\/]+\/$/ && scalar(@{$listref}) == 0) {
+            $request->content_type('text/plain');
+            $request->print("Not found: $uri");
+            $request->status(404);
+            return OK;
 	}
         my $dirname = $uri;
         $dirname =~ s/^.*\/([^\/]*)$/$1/;
@@ -114,7 +133,7 @@
         if (ref($listref) eq 'ARRAY') {
             my @lines = @{$listref};
             foreach my $line (@lines) {
-                my ($path, $dom, undef, $testdir, undef, undef, undef, undef, undef, undef, undef, undef, undef, undef, $obs, undef) = split(/\&/, $line, 16);
+                my ($path, $dom, undef, $testdir, undef, undef, undef, undef, $size, undef, $mtime, undef, undef, undef, $obs, undef) = split(/\&/, $line, 16);
                 my $isdir = ($testdir & 16384) || $dom =~ /^(user|domain)$/;
                 $path =~ s/^\/home\/httpd\/html\/res\///;
                 next if $path eq '.' || $path eq '..';
@@ -137,13 +156,46 @@
                 if ($isdir) {
                     $res .= "<directory name=\"$name\"/>\n";
                 } else {
-                    $res .= "<file name=\"$name\"/>\n";
+                    my $dt = DateTime->from_epoch(epoch => $mtime);
+                    my $modified = $dt->iso8601().'Z';
+                    $res .= "<file name=\"$name\" size=\"$size\" modified=\"$modified\"/>\n";
                 }
             }
         }
-    } else {
+    } elsif ($uri eq '/priv/') {
+        my $udom = $env{'user.domain'};
+        if (!defined $udom) {
+            $request->content_type('text/plain');
+            $request->print("Forbidden URI: $uri");
+            $request->status(403);
+            return OK;
+        }
+        $res .= "<directory name=\"priv\">\n";
+        $res .= "<directory name=\"$udom\"/>\n";
+    } elsif ($uri =~ /^\/priv\/([^\/]+)\/$/) {
+        my $domain = $1;
+        my ($uname, $udom) = ($env{'user.name'}, $env{'user.domain'});
+        if (!defined $uname || !defined $udom || $domain ne $udom) {
+            $request->content_type('text/plain');
+            $request->print("Forbidden URI: $uri");
+            $request->status(403);
+            return OK;
+        }
+        $res .= "<directory name=\"$domain\">\n";
+        $res .= "<directory name=\"$uname\"/>\n";
+    } elsif ($uri =~ /^\/priv\/([^\/]+)\/([^\/]+)\//) {
+        my ($domain, $user) = ($1, $2);
+        my ($uname, $udom) = ($env{'user.name'}, $env{'user.domain'});
+        if (!defined $uname || !defined $udom || $domain ne $udom || $user ne $uname) {
+            $request->content_type('text/plain');
+            $request->print("Forbidden URI: $uri");
+            $request->status(403);
+            return OK;
+        }
         my $dirpath = &Apache::lonnet::filelocation('', $uri);
         if (! -e $dirpath) {
+            $request->content_type('text/plain');
+            $request->print("Not found: $uri");
             $request->status(404);
             return OK;
         }
@@ -176,6 +228,11 @@
                 $res .= "/>\n";
             }
         }
+    } else {
+        $request->content_type('text/plain');
+        $request->print("Not found: $uri");
+        $request->status(404);
+        return OK;
     }
     $res .= "</directory>\n";
     &Apache::loncommon::content_type($request, 'text/xml', 'utf-8');
Index: loncom/loncapa_apache.conf
diff -u loncom/loncapa_apache.conf:1.252 loncom/loncapa_apache.conf:1.253
--- loncom/loncapa_apache.conf:1.252	Thu Feb 23 21:32:15 2017
+++ loncom/loncapa_apache.conf	Fri Feb 24 17:35:01 2017
@@ -2,7 +2,7 @@
 ## loncapa_apache.conf -- Apache HTTP LON-CAPA configuration file
 ##
 
-# $Id: loncapa_apache.conf,v 1.252 2017/02/23 21:32:15 damieng Exp $
+# $Id: loncapa_apache.conf,v 1.253 2017/02/24 17:35:01 damieng Exp $
 
 #
 # LON-CAPA Section (extensions to httpd.conf daemon configuration)
@@ -469,7 +469,7 @@
 PerlHandler Apache::lonxml
 </LocationMatch>
 
-<LocationMatch "^/daxe(page|open)/priv/">
+<LocationMatch "^/daxepage/priv/">
 AuthType LONCAPA
 Require valid-user
 PerlAuthzHandler       Apache::loncacc
@@ -479,6 +479,12 @@
 ErrorDocument     500 /adm/errorhandler
 </LocationMatch>
 
+<LocationMatch "^/daxeopen/">
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler       Apache::lonacc
+</LocationMatch>
+
 <LocationMatch "^/daxe(page|open)/uploaded/">
 AuthType LONCAPA
 Require valid-user
@@ -509,12 +515,7 @@
 PerlHandler Apache::daxeopen
 </LocationMatch>
 
-<LocationMatch "^/daxeopen/res/(.+/)?$">
-SetHandler perl-script
-PerlHandler Apache::daxeopen
-</LocationMatch>
-
-<LocationMatch "^/daxeopen/priv/.*/$">
+<LocationMatch "^/daxeopen/(res|priv)/(.+/)?$">
 SetHandler perl-script
 PerlHandler Apache::daxeopen
 </LocationMatch>

More information about the LON-CAPA-cvs mailing list